Today: December 13, 2018, 9:33 pm
  
Computer & Technology

Sophos launches SophosLabs 2019 Threat Report

Unveils the rise of the hand-delivered, targeted cyberattacks as criminals stalk victims to bank millions
Joe Levy, CTO, Sophos
Joe Levy, CTO, Sophos
PR-Inside.com: 2018-11-15 09:05:28
Sophos (LSE: SOPH) today launched its 2019 Threat Report providing insights into emerging and evolving cybersecurity trends. The report, produced by SophosLabs researchers, explores changes in the threat landscape over the past 12 months, uncovering trends and how they are expected to impact cybersecurity in 2019.


“The threat landscape is undoubtedly evolving; less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we’ll eventually be left with fewer, but smarter and stronger, adversaries. These new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonorable income streams.” - Joe Levy, CTO, Sophos, as referenced in the SophosLabs 2019 Threat Report.


The SophosLabs 2019 Threat Report focuses on these key cybercriminal behaviors and attacks:


• Capitalist cybercriminals are turning to targeted ransomware attacks that are premeditated and reaping millions of dollars in ransom - 2018 saw the advancement of hand-delivered, targeted ransomware attacks that are earning cybercriminals millions of dollars. These attacks are different than ‘spray and pray’ style attacks that are automatically distributed through millions of emails. Targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid. This “interactive attack style,” where adversaries manually maneuver through a network step-by-step, is now increasing in popularity. Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more happen in 2019.


• Cybercriminals are using readily available Windows systems administration tools- This year’s report uncovers a shift in threat execution, as more mainstream attackers now employ Advanced Persistent Threat (APT) techniques to use readily available IT tools as their route to advance through a system and complete their mission – whether it’s to steal sensitive information off the server or drop ransomware:


• Turning admin tools into cyberattack tools


In an ironic twist, or Cyber Catch-22, cybercriminals are utilizing essential or built-in Windows IT admin tools, including Powershell files and Windows Scripting executables, to deploy malware attacks on users.


• Cybercriminals are playing Digital Dominos


By chaining together a sequence of different script types that execute an attack at the end of the event series, hackers can instigate a chain reaction before IT managers detect a threat is operational on the network, and once they break in it’s difficult to stop the payload from executing.


• Cybercriminals have adopted newer Office exploits to lure in victims


Office exploits have long been an attack vector, but recently cybercriminals have cut loose old Office document exploits in favor of newer ones.


• EternalBlue becomes a key tool for cryptojacking attacks


Patching updates appeared for this Windows threat more than a year ago, yet the EternalBlue exploit is still a favorite of cybercriminals; the coupling of EternalBlue to cryptomining software turned the activity from a nuisance hobby into a potentially lucrative criminal career. Lateral distribution on the corporate networks allowed the cryptojacker to quickly infect multiple machines, increasing payouts to the hacker and heavy costs to the user.


• The continued threat of mobile and IoT malware – Malware’s impact extends beyond the organization’s infrastructure as we see the threat from mobile malware grow apace. With illegal Android apps on the increase, 2018 has seen an increased focus in malware being pushed to phones, tablets and other IoT devices. As homes and businesses adopt more internet-connected devices, criminals have been devising new ways to hijack those devices to use as nodes in huge botnet attacks. In 2018, VPNFilter demonstrated the destructive power of weaponized malware that affects embedded systems and networked devices that have no obvious user interface. Elsewhere, Mirai Aidra, Wifatch, and Gafgyt delivered a range of automated attacks that hijacked networked devices to use as nodes in botnets to engage in distributed denial-of-service attacks, mine cryptocurrency and infiltrate networks.

Press Information
Sophos
Sheikh Zayed Road

Shaina
PR Consultant
0561730550
email
www.oakconsulting.biz/

Published by
Nimi D'souza
+971507343840
e-mail
www.oakconsulting.biz



# 675 Words
Related Articles
More From The Author
ManageEngine Strengthens Unified Endpoint Management with [..]
ManageEngine, the real-time IT management company, today announced the launch of voice assistant and geo-fencing features for [..]
ManageEngine Adds User Behavior Analytics to ADAudit [..]
ManageEngine, the real-time IT management company, today announced the addition of user behavior analytics (UBA) to ADAudit Plus, [..]
Sophos Brings Deep Learning Innovation to GITEX [..]
Sophos (LSE:SOPH), a global leader in network and endpoint security, will showcase its latest security technology for endpoint, servers [..]
Sophos Signs Ingram Micro as Distributor in [..]
Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced it has signed Ingram Micro Inc., one [..]
IT Security and Analytics top priority for [..]
ManageEngine, the real-time IT management company, announced its participation in GITEX Technology Week 2018, which will be [..]
 
More From Computer & Technology
Cloud Analogy is all poised to unleash [..]
Cloud Analogy comprises of a team of 100 + experts with some of the outstanding Salesforce developers, designers and project [..]
Read Chain Games is pleased to announce [..]
New Digital Interactive Children’s Picture Book Grafton Underwood, UK, Release: November 12, 2018 For immediate release Stampy [..]
Intellias Attracts Horizon Capital’s Backing
On September 28, 2018, Intellias, a leading IT services provider with operations in Ukraine, announced today that a Horizon Capital-managed [..]
Appinventiv’s App Development Strategies Left a Notable [..]
Appinventiv, with its unparalleled excellence in mobile app development, will soon rank among the top mobile app development companies [..]
Breakthrough In Accessing The Tiny Magnet Within [..]
BREAKTHROUGH IN ACCESSING THE TINY MAGNET WITHIN THE CORE OF A SINGLE ATOM New method enables identification of different isotopes [..]

Disclaimer: If you have any questions regarding information in this press release please contact the company added in the press release. Please do not contact pr-inside. We will not be able to assist you. PR-inside disclaims the content included in this release.